Slashdot Mirror
Microsoft's Security Meeting Causes Unease
Tony Maclennan writes to tell us that there were many mixed feelings at this year's Microsoft Security Response and Safety Summit. Many who attended the conference felt that the presentations were sadly lacking in the technical details that were shared in previous years. With Microsoft entering the arena as a competitor to these anti-virus companies, one has to wonder about the effect on the free flow of information that ultimately benefits the consumer.
Has anyone in the DOJ looked into this Microsoft anti-spyware anti-virus bit?
Anyone else feel this is the epitomy of anti-competative practices? Hell their OS is the REASON these other companies exist, and now Microsoft gets to profit from thier own security holes?
Someone else HAS to see the flaw in this idea... I can only pray the EU once again has more sense than the DOJ.
So you're stuck with our crummy OS. Want to buy some protection?
Microsoft would be irresponsible if they did not include a clause in the agreement giving them rights to use anything disclosed at the conference.
Imagine Microsoft was busy working on feature X. Then, along comes someone from Symantec who talks about feature X at the conference. Later, Microsoft comes out with an update to their product incorporating feature X. Symantec cries fowl and starts complaining about how Microsoft stole their confidential information.
All the clause effectively says is that the information disclosed at the conference is not confidential. If it's not a trade secret, Microsoft can use it as it sees fit anyway. The same would hold true for anyone else at the conference. The agreement just puts it down in plain English for those not up on IP law.
fairness and microsoft go together like Military and intelligence. Of course they don't want to talk about how they will patch the gaping holes they leave in their software. And you knew sooner or later someone there would go, hey, why don't WE sell spyware and antivirus software? It's all just foolishness. Microsoft is, has been, and will be, a corrupt monopoly as long as our corrupt government allows it.
I sat in a meeting yesterday with "developers" who had never heard of Bachus-Naur form. I routinely confer with "programmers" who have never heard of a finite state machine. I work daily with "data architects" who have never heard of Dr. Codd or of normalization. I am personally acquainted with upper managers who are just dying to replace OpenBSD-based firewalls with M$ Vista Server. THIS, my fellow cognoscenti, is the extent to which our society is infested with charlatans and ignorami. That M$ can now, on the one hand, generate security holes of arbitrary obscurity, and, on the other, miraculously detect and repair them far and away better than their erstwhile "competitors" is a final and apocalyptic testimonial to the supreme stupidity (I use the word advisedly, in the sense of "willful ignorance") of our omnipotent layers of corporate management. Wasn't it bad enough when M$ were the sole possessors of the Most Sacred A[PB]Is? Wasn't it awful enough that they were able to ignore even the most rudimentary dictates of software engineering with impugnity -- that the drooling imbeciles in management would keep right on paying vast sums of money for hideous deformities of Logic without batting an eyelash? Do they now get to rake in huge profits from "repairing" systemic defects of their own intentional manufacture? I am 41. I am tired and old. I have watched, like a Felliniesque "Sad Clown of Life," wave upon wave of utter inanity wash up on the vast, dead-whale-stinking beach of corporate and academic IT. I have seen too much. I can cry no more. I want to know how to stop caring now. How, for the love of God, do I join the endless ranks of these gibbering fools who never think one picometer beyond their golf handicaps? How, for the bleeding love of the pumping, pulsating heart of Jesus Christ on a pogo stick do I just sit in meetings daydreaming about jumping into my big yellow H2 and driving back to my prefab McMansion in the burb-sprawl and staining my redwood deck with Johnson's WaterSeal? Why oh why must I KNOW that the imminent deaths of such elegancies as Tru64 Unix and MIPS and Alpha are a sin against art and science and technology and Man? Can't I just be stupid too? What's so wrong with me? What have I done? Why must I suffer so? One day, my friends, we will all lounge in paradise happily signing off on million-dollar purchases of Microsoft AntiVirus Protection(TM) with huge idiotic grins upon our faces and lovely oblivious strings of rancid drool dangling from our chins. We will not be tormented by the Knowledge of Good and Evil. Our eyes will bear the brilliant, unfocused glow of perfect, orgasmic stupidity. Until then, we must work to balance our egregious karma. Can there be any doubt whatever that we fried and devoured living human babies in each of our wretched previous incarnations? What more glaring evidence can there be of our complete, total, and inherent evil? We sinners must needs endure the terrible, sadistic wrath of a cold and childish god. May he soon tire of so gleefully tormenting us. Amen. Railgun Sally
And that is Microsoft, the sickest of them all. They are 80-95% of the whole industry alone, and everything else have to rotate around them.
...Ugh! Still not sorted out...
And they soon have a new OS to sell..
As usual this OS is incomplete and a mess:
The event mostly provided a primer on security in Windows Vista, which led to a discussion on how attendees' products might work with the Windows XP successor.
"Symbolic links can clutter up your machine with lots and lots of links that point nowhere" after the malicious software is removed, Kuo said. Protective tools will probably end up doing the clean-up, he said. It's a sign that on Vista systems, security software has more work to do than on earlier versions of the operating system.
Its a good thing the Server version still is some years ahead!
Kronos was the ruler of the elder gods in Greek religion. He had a habit of swallowing his children whole because it had been predicted that one of them would overthrow him. The anti-malware companies are the children of Microsoft. Is it really surprising that they would rather not be eaten?
If you want your life to be different, live it differently.
MS were quite clever to get DOJ all hot under the collar about Netscape & IE. These are no longer competitive areas. What is more important is that DOJ monitors future manuipulations by MS. For example, how they are playing in mobile space, how they're playing in personal audio (will their new audio device kill iPod through fair means or foul?) and things like anti-virus products.
For MS's point of view, being able to lock up the anti-virus APIs makes more than just business sense. It also allows them to shut the door on (limited) review of their system by citing some lame excuses like "there is no valid reason for anyone to look at these interfaces, anywone doing so is probably a terrorist!". Loss of that (limited) review would be a bad thing for the industry.
Engineering is the art of compromise.
If they were smart enough to know the flaws, why not just fix them?
Professional Politicians are not the solution, they ARE the problem.
Before Microsoft jumped into the antivirus/spyware game, everything was okay, because although there were major security issues with Windows, other businesses jumped up to fill the gap and fix the problems. Life went on, and nobody got hurt (except the consumer, paying their $39.99 a year).
Now that Microsoft is in the game, they threaten to destroy these other businesses that were covering-ass before, and screw the consumer even more with price hikes once they dominate the market, but it's not less-right, it's more-wrong. This should never be accepted in the first place! If I put out software with major security flaws and then charged for more software to monitor the holes, I wouldn't sell a copy!
I doubt the government is going to do anything about this. We just have to hope people vote with their dollars once Vista comes out. I know I already have.
If MS makes money out of their security products - ppl say they are anti-competitive If MS makes their security products free - ppl say they are using their OS monopoly to kill the (windows specific) security companies. Solution: Fix the holes in OS instead of offering spyware/anti-virus tools for free/money.
I don't want a signature.
The security companies will be better off forming their own knowledge pool and inviting Microsoft representatives to learn from them.
What's ours is ours and what's yours is ours, right? What a flamebait assertion, that M$ should keep the details of how they do things to themselves but that others should go out of their way to share what they manage to claw from the void. Typical.
M$'s behavior and the results are entirely predictable by this point. They want to own the market so they are withholding what others need. As in every case of M$ putting a "competitor" out of business, the Windoze market will be that much poorer when the competitors are all gone. All everyone is left with is the decidedly inferior M$ offering which will subsequently be neglected and suck more and more as time goes by. Windoze security was already a lost cause, so it won't matter that much. The spam and DoS will continue to flow as long as M$ has market share. The only people this really matters to are those about to lose their jobs.
Friends don't help friends install M$ junk.
Offering someone protection for a fee when you're part of the danger to that person means that you're running a protection racket. For a fee, MS offers to close the holes which it leaves in its operating system. I think that you see this kind of scheme at work all over the computer industry. The pushing of upgrades of software and hardware as a fix against problems is of a similar nature.
SpyBot and AdWare are free, so why would they care if Microsoft bundled anti-spyware with windows? It's not like they're being denied revenue.
The fact is, the overwhelming majority of users don't have any anti-spyware protection, and Microsoft is tired of getting blamed for this (note that spyware doesn't generally rely on OS flaws, but on users explicitly installing malware). In order to clamp down on spyware, it's necessary for anti-spyware to be bundled, since most are not installing 3rd party anti-spyware.
-- "I never gave these stories much credence." - HAL 9000
Maybe you should break a few real windows too - gives people jobs..
Fixing it would be more effective, but less profitable.
You are missing the point.
;-), and having to pay for another product to fix those holes ...
MS plans to make money by fixing flaws in another of their products.
It's like buying a car with doors you can open with a paperclip when locked. And then paying a heafty premium to the car producer to install real locks. Always assuming that the MS antivirus is not going to be full of holes either, of course
"I really wish that Microsoft disappeared .. Then it will be Linux, MacOS, or whatever .. which will be plagued by security grief"
If it was true that you don't see such destructive security breeches on these other OSs because they are not popular, then why don't we see the same on servers running Linux/BsdUnix etc.
"Microsoft is at the top, and hence, is villified" No, Ms is villified because they produce crap product and plot the destruction of their competitors/partners.
"there is NOTHING wrong with MS making an Anti-Virus, and Anti-Spyware solution"
How about producing an OS that don't catch viruses?
"Microsoft offers their Virus Protection as a FOR PAY product"
Further proof if that were necessary, that that MS is lacks the expertise to produce a secure Operating System.
davecb5620@gmail.com